GDPR: Using AWS Compliance Enabling Services
This learning path has been designed to help you meet some of the compliance needs of GDPR using specific compliance enabling services offered by AWS. Using a combination of these services and various security, auditing, alerting, monitoring and reporting features, you will understand how to enforce stringent security processes aligning to compliance controls required when storing personal data. You will be introduced to five different services allowing you to understand what they are used for and how to configure them, as well as an awareness of all of their features to help you implement and maintain your own levels of security at different levels as required. These services include:
- AWS CloudTrail
- Amazon Macie
- Amazon GuardDuty
- AWS Config
- Amazon Inspector
This learning path is intended for anyone who is responsible for maintaing security and complaince to meet specific regulations and controls, including those requried by GDPR
This learning path will enable you to:
- Identify different AWS Services that can be used to enforce GDPR compliance to meet regulations
- Configure security services to allow you to meet both internal and external security requirements
- Implement security methods within your infrastructure to quickly identify potential threats to your resources and data
- Understand how to safeguard your data from accidental and unintended exposure
8 hours of high definition video, 2 hands on labs and a final exam.
It would be beneficial to have a basic awareness and understanding of the following AWS services:
- Simple Storage Service
- Identity and Access Management (specifically around policies)
- AWS CloudWatch
- Simple Notification Service
- Key Management Service
This learning path starts by outlining some of the basics surrounding GDPR and how it affects your business before introducing you to the different AWS services that can help you to enable complaince within your infrastructure.
AWS CloudTrail: The primary function of AWS CloudTrail is to record and track all AWS API requests made. These API calls can be programmatic requests initiated from a user using an SDK, the AWS command line interface, from within the AWS management console or even from a request made by another AWS service.
Amazon Macie: The main function of the service is to provide an automatic method of detecting, identifying, and also classifying data that you are storing within your AWS account.
Amazon GuardDuty: Aregional-based intelligent threat detection service which allows users to monitor their AWS account for unusual and unexpected behavior by analyzing AWS CloudTrail event logs, VPC flow logs, and DNS logs. It then uses the data from logs and assesses them against multiple security and threat detection feeds, looking for anomalies and known malicious sources, such as IP addresses and URLs.
AWS Config: Captures and tracks resource changes within your environment along with other useful metadata which is held within a file known as a configuration item, a CI.
Amazon Inspector: This is a managed service that is used to help you find security vulnerabilities within your EC2 instances and any applications running on them during any stage of development and deployment.
We welcome all feedback so if you are unsure about where to start or if would like help getting started please direct any comments or questions to us at email@example.com